lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Mar 2016 20:18:25 -0700 From: Linus Torvalds <torvalds@...ux-foundation.org> To: Rich Felker <dalias@...c.org> Cc: Linux-sh list <linux-sh@...r.kernel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Geert Uytterhoeven <geert@...ux-m68k.org>, Stephen Rothwell <sfr@...b.auug.org.au>, Yoshinori Sato <ysato@...rs.sourceforge.jp> Subject: Re: [GIT PULL] arch/sh updates for 4.6 On Thu, Mar 17, 2016 at 3:04 PM, Rich Felker <dalias@...c.org> wrote: > > Using git.libc.org for the sh tree is only temporary until we get one > setup on kernel.org, which is pending getting signatures on my key. I > hope to resolve that at ELC next month. Let me know if there's > anything you'd like me to do in the mean time to establish some > alternate basis of trust for these commits; hopefully it's less of an > issue being that they're not touching anything but a previously > unmaintained arch. I really want to see signed tags when pulling from non-kernel.org places. Even if you don't have signatures I can check on your keys, I want to see your key used for signing anyway, so that when your next pull request comes in I see that it's the same key (and hopefully you _will_ have signatures on your key eventually). So please send me a signed tag to pull rather than just a branchname, ok? Linus
Powered by blists - more mailing lists